Cyber security news for all

More

    Mobile Security

    A new wave of cyberattacks linked to North Korean threat actors is taking aim at software developers by embedding malicious code in Python packages....

    Malicious Google Ads Impersonating AI Platforms to Spread Malware

    A new malvertising campaign is targeting users searching for DeepSeek, a widely used AI tool. The attackers place fake sponsored ads at the top of Google search results, imitating official DeepSeek links but redirecting users to harmful websites. These fake websites are designed to look nearly identical to the real...

    WordPress ‘mu-Plugins’ Directory Abused to Spread Spam and Maintain Access

    A new method of abuse targeting WordPress websites has been observed, where attackers are planting malicious code inside the lesser-known mu-plugins (must-use plugins) directory. This approach helps them hide their presence, maintain long-term access, and manipulate website content for malicious purposes. Unlike regular plugins, mu-plugins are automatically loaded by WordPress...

    OBSCURE#BAT Malware Utilizes Forged CAPTCHA Interfaces to Deploy Rootkit r77 and Circumvent Detection

    A nascent surge of malevolent software activity has been discerned, cunningly exploiting manipulative social engineering stratagems to disseminate the open-source rootkit, r77. This endeavor, denominated OBSCURE#BAT by Securonix, empowers cyber adversaries to entrench enduring footholds and deftly elude systematic scrutiny within infiltrated systems. The architects behind this campaign remain shrouded...

    Over 4,000 ISP IPs Assaulted in Brute-Force Raids to Deploy Info Stealers and Cryptominers

    A wave of cyber offensives has zeroed in on internet service providers (ISPs) across China and the U.S. West Coast, unleashing information-stealing malware and cryptojacking software onto compromised systems. This large-scale brute-force campaign, dissected by the Splunk Threat Research Team, not only enables data theft but also lays the...

    FBI, Europol, and NCA Dismantle 8Base Ransomware Data Leak and Negotiation Domains

    In a meticulously orchestrated multinational operation, law enforcement agencies have successfully eradicated the dark web platforms utilized by the 8Base ransomware syndicate for data extortion and victim negotiations. Visitors attempting to access the compromised leak site are now confronted with an official seizure notice stating: "This clandestine platform and its...

    Malware & Threats

    Most Popular

    Stay on op - Ge the daily news in your inbox

    Latest Articles